https://github.com/torvalds/linux
Revision cdbb65c4c7ead680ebe54f4f0d486e2847a500ea authored by Linus Torvalds on 01 August 2018, 17:38:43 UTC, committed by Linus Torvalds on 01 August 2018, 17:38:43 UTC
Anatoly continues to find issues with fuzzed squashfs images. This time, corrupt, missing, or undersized data for the page filling wasn't checked for, because the squashfs_{copy,read}_cache() functions did the squashfs_copy_data() call without checking the resulting data size. Which could result in the page cache pages being incompletely filled in, and no error indication to the user space reading garbage data. So make a helper function for the "fill in pages" case, because the exact same incomplete sequence existed in two places. [ I should have made a squashfs branch for these things, but I didn't intend to start doing them in the first place. My historical connection through cramfs is why I got into looking at these issues at all, and every time I (continue to) think it's a one-off. Because _this_ time is always the last time. Right? - Linus ] Reported-by: Anatoly Trosinenko <anatoly.trosinenko@gmail.com> Tested-by: Willy Tarreau <w@1wt.eu> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Phillip Lougher <phillip@squashfs.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 parent 44960f2
Tip revision: cdbb65c4c7ead680ebe54f4f0d486e2847a500ea authored by Linus Torvalds on 01 August 2018, 17:38:43 UTC
squashfs metadata 2: electric boogaloo
squashfs metadata 2: electric boogaloo
Tip revision: cdbb65c
File | Mode | Size |
---|---|---|
Documentation | ||
LICENSES | ||
arch | ||
block | ||
certs | ||
crypto | ||
drivers | ||
firmware | ||
fs | ||
include | ||
init | ||
ipc | ||
kernel | ||
lib | ||
mm | ||
net | ||
samples | ||
scripts | ||
security | ||
sound | ||
tools | ||
usr | ||
virt | ||
.clang-format | -rw-r--r-- | 12.8 KB |
.cocciconfig | -rw-r--r-- | 59 bytes |
.get_maintainer.ignore | -rw-r--r-- | 31 bytes |
.gitattributes | -rw-r--r-- | 30 bytes |
.gitignore | -rw-r--r-- | 1.5 KB |
.mailmap | -rw-r--r-- | 9.3 KB |
COPYING | -rw-r--r-- | 423 bytes |
CREDITS | -rw-r--r-- | 96.3 KB |
Kbuild | -rw-r--r-- | 2.2 KB |
Kconfig | -rw-r--r-- | 321 bytes |
MAINTAINERS | -rw-r--r-- | 449.5 KB |
Makefile | -rw-r--r-- | 58.2 KB |
README | -rw-r--r-- | 800 bytes |
Computing file changes ...